An exciting opportunity to work for a large, established Technology firm in Singapore
Strong variable bonus earning potential
The Company
A strong and well-established technology firm known for its digital transformation and empowerment in Singapore.
The Role
You will be a senior and key member of the AppSec team responsible for planning and executing the enterprise AppSec plan, standardisation of the AppSec practices and solutions, and delivery of AppSec professional services and trainings to application teams to uplift their AppSec practices.
Develop secure application development practices, standards, guidelines and solutions with the aim to standardise and raise the AppSec practices of our application teams.
Promote the adoption of leading AppSec practices and solutions among agency application teams in line with the current development in the AppSec space.
Study and propose the AppSec roadmap to uplift the way application security is practiced today.
Perform AppSec assessment services for selected applications using a combination of threat modelling, vulnerability research, code scanning, application security testing and recommendation of proper remediation actions.
Develop AppSec related awareness programme/training/courses to uplift AppSec capabilities and competencies across the division.
Support other security roles and/or security initiatives/assignments undertaken.
Skills & Experience
Degree in Computer/Computer Science or Electronic Engineering or Information Technology or an equivalent discipline.
8 years of work experience (or more) with 2 to 3 years of relevant experience in web or mobile application security.
Possess security certifications such as CISSP, CSSLP, CISM and/or CISA.
Strong interest and passion for the field of infocomm security, specifically in the area of application security.
Familiar with application security review and testing approaches/methodologies in both waterfall and agile application software development.
Familiar with CI/CD and DevOps/DevSecOps, and how security testing can be integrated and automated as part of software delivery pipelines.
Able to recommend use of appropriate AppSec tools (eg. static code scanners, dynamic scanners, etc) and assist application teams in adopting these tools.
Experience in performing risk assessment or threat modelling.
Experience as penetration tester and source code reviewer is an added advantage.
Proactive self-starter with an analytical and creative mind.
What’s on offer?
A good exposure to further hone your technical/application security skills and develop your leadership skills with one of the largest technology companies in Singapore
A competitive salary package awaits you!
How to apply?
If this sounds like your dream job, look no further and click the Apply button below. Or reach out to Bruce Fong at bfong@welovesalt.com for a confidential discussion.
CEI Registration No. R1111247 | Licence No.: 07C3147
Salt is acting as an Employment Agency in relation to this vacancy.